Releases: CyberDefenseInstitute/CDIR-A
2306
2207
fix usnjrnl encoding issue
2010
- prefetch.py
  - fixed interpretation of run count information
- amcache.py
  - fixed bug so as to correctly write the header when ingesting multiple target hosts
  - added "--no-header-inventory" option
- upgrade third party tools
  - BrowsingHistoryView.exe: 2.25 to 2.41
  - NetworkUsageView.exe: 1.13 to 1.20
2001
- prefetch.py, amcache.py, usnjrnl.py, parserutility.py, PyWMIPersistenceFinder.py
  - modified to run on Python 3; errors may occur on Python 2.
- prefetch.exe, amcache.exe, usnjrnl.exe, parserutility.exe, PyWMIPersistenceFinder.exe
  - replaced with the ones built from the modified *.py above.
1910
- prefetch.exe
  - add functionality to parse the prefetch file in ADS.
  - fix bug so as to correctly parse the run count contained in prefetch files of Windows 10 version 1903.
- upgrade third party tools
  - Secure2Csv64.exe: 1.0.0.8 to 1.0.0.9
  - NetworkUsageView.exe: 1.12 to 1.13
  - BrowsingHistoryView.exe: 2.17 to 2.25
1902
- mft.exe
  - improved handling of path name
  - fixed interpretation of size information
  - fixed processing of -e option
- regruns.exe and shimcache.exe
  - fixed processing when a hive is dirty and has no transaction logs
  - workaround for handling of irregular key
- LPSLibrary_CDI.XML
  - added a query for network status
  - split into two queries about sleep and clock changes
- prefetch.exe
  - fixed processing if a prefetch file is truncated
- added third party tools:
  - BrowsingHistoryView.exe
  - NetworkUsageView.exe
  - PyWMIPersistenceFinder.exe
  - Secure2Csv64.exe